Re: As seen above: use of su vs sudo

To: debian-user@lists.debian.org
Subject: Re: As seen above: use of su vs sudo
From: Nemeth Gyorgy <friczy@freemail.hu>
Date: Tue, 7 Aug 2018 21:08:34 +0200
Message-id: <[🔎] 02fb73c7-2ec2-b0e7-8560-2bd07190dac7@freemail.hu>
In-reply-to: <[🔎] 5B699579.9000805@fastmail.fm>
References: <[🔎] 9494b29f-b9a2-7f3b-be33-0824df53aea3@online.de> <[🔎] 5B69806D.7050901@fastmail.fm> <[🔎] 722f650b-7cad-df7e-884a-d3cb994d6f03@online.de> <[🔎] 5B698B9C.1030902@fastmail.fm> <[🔎] 883ba059-4114-f2c7-3240-7f29ea497a63@online.de> <[🔎] 5B699579.9000805@fastmail.fm>

2018-08-07 14:50 keltezéssel, The Wanderer írta:
>
> But it's more secure to require a second password to do elevated things
> than to permit doing those things with the same password as is used for
> ordinary activities.

Then use other pam backend module for sudo and not the 'common-auth'.
There are lot of pam auth methods. You only have to create a second
database which is supported by some of the libpam modules and modify
/etc/pam.d/sudo

In this case you still don't have to share a common root password (which
is really bad) and can require a second password for doing elevated things.

Reply to:

Follow-Ups:
- Re: As seen above: use of su vs sudo
  - From: Gene Heskett <gheskett@shentel.net>

References:
- As seen above: use of su vs sudo
  - From: Martin Drescher <keine-eile@online.de>
- Re: As seen above: use of su vs sudo
  - From: The Wanderer <wanderer@fastmail.fm>
- Re: As seen above: use of su vs sudo
  - From: Martin <keine-eile@online.de>
- Re: As seen above: use of su vs sudo
  - From: The Wanderer <wanderer@fastmail.fm>
- Re: As seen above: use of su vs sudo
  - From: Martin <keine-eile@online.de>
- Re: As seen above: use of su vs sudo
  - From: The Wanderer <wanderer@fastmail.fm>

Prev by Date: Re: Asck some information for start to help Debian
Next by Date: Re: need help with sftp
Previous by thread: Re: As seen above: use of su vs sudo
Next by thread: Re: As seen above: use of su vs sudo
Index(es):
- Date
- Thread